Abstract
As security measures to protect against cyberattacks increase, hackers have begun to target the weakest link in the cybersecurity chain–people. Such attacks are categorized as Social Engineering and rely on the manipulation and deception of people rather than technical security flaws [4]. This study attempts to examine the relationship between people and their vulnerability to Social Engineering attacks by posing the following questions: (1) what relationship, if any, exists between personality traits and Social Engineering vulnerability, and (2) what relationship, if any, exists between personality traits and the speed at which an individual makes cybersecurity-related decisions. To answer these questions, 79 undergraduate students at the University of Hawaii were surveyed to measure their personality traits and cybersecurity awareness. The survey results indicated that there was no significant correlation between the measured personality traits and measured vulnerability. The relationship between different personality traits and the elapsed time to complete the survey was slightly more significant; however, it was still statistically insignificant overall.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Abraham, S., Chengalur-Smith, I.: An overview of social engineering malware: trends, tactics, and implications. Technol. Soc. 32(3), 183–196 (2010). https://doi.org/10.1016/j.techsoc.2010.07.001
Albladi, S.M., Weir, G.R.S.: User characteristics that influence judgment of social engineering attacks in social networks. HCIS 8(1), 1–24 (2018). https://doi.org/10.1186/s13673-018-0128-7
Kaouthar, C., et al.: Overview of social engineering attacks on social networks. Procedia Comput. Sci. 198, 656–661 (2022). https://doi.org/10.1016/j.procs.2021.12.302
Brian, C., Kemi, K.: The impact of personality traits on user’s susceptibility to social engineering attacks. In: Australian Information Security Management Conference (2018). https://doi.org/10.25958/5c528ffa66693
Imanaka, J.: Replication Package, https://github.com/jimanaka/personality-traits-as-predictors-for-social-engineering-vulnerability
John, O.P., Srivastava, S.: The big-five trait taxonomy: history, measurement, and theoretical perspectives. In: Pervin, L.A., John, O.P. (eds.) Handbook of personality: Theory and research, vol. 2, pp. 102–138. Guilford Press, New York (1999)
Halevi, T., Lewis, J., Memon, N.: Phishing, personality traits and Facebook. arXiv Prepr. arXiv1301.7643 (2013)
Alseadoon, I., Othman, M.F.I., Chan, T.: What is the influence of users’ characteristics on their ability to detect phishing emails? In: Sulaiman, H.A., Othman, M.A., Othman, M.F.I., Rahim, Y.A., Pee, N.C. (eds.) Advanced Computer and Communication Engineering Technology. LNEE, vol. 315, pp. 949–962. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-07674-4_89
Arif, K., Janabi, E.A.: Social engineering attacks. J. Multi. Eng. Sci. Technol. (JMEST) 4(6) (2017)
Krombholz, K., Hobel, H., Huber, M., Weippl, E.: Advanced social engineering attacks. J. Inf. Sec. Appl. 22, 113–122 (2015). https://doi.org/10.1016/j.jisa.2014.09.005
Finn, P., Jakobsson, M.: Designing ethical phishing experiments. IEEE Technol. Soc. Mag. 26(1), 46–58 (2007). https://doi.org/10.1109/mtas.2007.335565
Gail, S.M., Artino, A.R.: Analyzing and Interpreting data from Likert-type scales. J. Grad. Med. Edu. 5(4), 541–542 (2013). https://doi.org/10.4300/jgme-5-4-18
Sven, U., Quiel, S.: The social engineering personality framework. In: 2014 Workshop on Socio-Technical Aspects in Security and Trust (2014). https://doi.org/10.1109/stast.2014.12
Wang, Z., Zhu, H., Sun, L.: Social engineering in cybersecurity: effect mechanisms, human vulnerabilities and attack methods. IEEE Access 9, 11895–11910 (2021). https://doi.org/10.1109/access.2021.3051633
Acknowledgements
This material is based upon work supported by the National Science Foundation (NSF) under Grant No. 1662487. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the NSF.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Imanaka, J., Ogawa, MB., Crosby, M.E. (2023). Personality Traits as Predictors for Social Engineering Vulnerability. In: Schmorrow, D.D., Fidopiastis, C.M. (eds) Augmented Cognition. HCII 2023. Lecture Notes in Computer Science(), vol 14019. Springer, Cham. https://doi.org/10.1007/978-3-031-35017-7_15
Download citation
DOI: https://doi.org/10.1007/978-3-031-35017-7_15
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-35016-0
Online ISBN: 978-3-031-35017-7
eBook Packages: Computer ScienceComputer Science (R0)